package com.chucang.shucang.auth.support.core;

import com.chucang.shucang.auth.support.handler.FormAuthenticationFailureHandler;
import com.chucang.shucang.auth.support.handler.SsoLogoutSuccessHandler;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer;

/**
 * @author flitsneak
 * @email flitsneak@gmail.com
 * @date 2022/9/16 13:45
 * @description 基于授权码模式 统一认证登录
 */
public class FormIdentityLoginConfigurer extends AbstractHttpConfigurer<FormIdentityLoginConfigurer, HttpSecurity> {
    @Override
    public void init(HttpSecurity http) throws Exception {
        http.formLogin(formLogin -> {
                            formLogin.loginPage("/token/login");
                            formLogin.loginProcessingUrl("/token/form");
                            formLogin.failureHandler(new FormAuthenticationFailureHandler());
                        }
                )
                .logout() // SSO登出成功处理
                .logoutSuccessHandler(new SsoLogoutSuccessHandler())
                .deleteCookies("JSESSIONID")
                .invalidateHttpSession(true)
                .and()
                .csrf()
                .disable();
    }
}
